US20230381404A1 - User authentication for setting at least one infusion pump - Google Patents

Publication number
US20230381404A1
Authority
US
United States
Prior art keywords
medical device
authentication
user
server unit
authentication server
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
US18/323,067
Inventor
Horst Schmoll
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
B Braun Melsungen AG
Original Assignee
B Braun Melsungen AG
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by B Braun Melsungen AG
Assigned to B. BRAUN MELSUNGEN AG reassignment B. BRAUN MELSUNGEN AG ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: SCHMOLL, HORST
Publication of US20230381404A1

Classifications

    • G PHYSICS
    • G16 INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR SPECIFIC APPLICATION FIELDS
    • G16H HEALTHCARE INFORMATICS, i.e. INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR THE HANDLING OR PROCESSING OF MEDICAL OR HEALTHCARE DATA
    • G16H20/00 ICT specially adapted for therapies or health-improving plans, e.g. for handling prescriptions, for steering therapy or for monitoring patient compliance
    • G16H20/10 ICT specially adapted for therapies or health-improving plans, e.g. for handling prescriptions, for steering therapy or for monitoring patient compliance relating to drugs or medications, e.g. for ensuring correct administration to patients
    • G16H20/17 ICT specially adapted for therapies or health-improving plans, e.g. for handling prescriptions, for steering therapy or for monitoring patient compliance relating to drugs or medications, e.g. for ensuring correct administration to patients delivered via infusion or injection
    • G16H40/00 ICT specially adapted for the management or administration of healthcare resources or facilities; ICT specially adapted for the management or operation of medical equipment or devices
    • G16H40/20 ICT specially adapted for the management or administration of healthcare resources or facilities; ICT specially adapted for the management or operation of medical equipment or devices for the management or administration of healthcare resources or facilities, e.g. managing hospital staff or surgery rooms
    • G16H40/40 ICT specially adapted for the management or administration of healthcare resources or facilities; ICT specially adapted for the management or operation of medical equipment or devices for the management of medical equipment or devices, e.g. scheduling maintenance or upgrades
    • G16H40/60 ICT specially adapted for the management or administration of healthcare resources or facilities; ICT specially adapted for the management or operation of medical equipment or devices for the operation of medical equipment or devices
    • G16H40/63 ICT specially adapted for the management or administration of healthcare resources or facilities; ICT specially adapted for the management or operation of medical equipment or devices for the operation of medical equipment or devices for local operation
    • G16H40/67 ICT specially adapted for the management or administration of healthcare resources or facilities; ICT specially adapted for the management or operation of medical equipment or devices for the operation of medical equipment or devices for remote operation
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31 User authentication
    • A HUMAN NECESSITIES
    • A61 MEDICAL OR VETERINARY SCIENCE; HYGIENE
    • A61M DEVICES FOR INTRODUCING MEDIA INTO, OR ONTO, THE BODY; DEVICES FOR TRANSDUCING BODY MEDIA OR FOR TAKING MEDIA FROM THE BODY; DEVICES FOR PRODUCING OR ENDING SLEEP OR STUPOR
    • A61M5/00 Devices for bringing media into the body in a subcutaneous, intra-vascular or intramuscular way; Accessories therefor, e.g. filling or cleaning devices, arm-rests
    • A61M5/14 Infusion devices, e.g. infusing by gravity; Blood infusion; Accessories therefor
    • A61M5/142 Pressure infusion, e.g. using pumps
    • A61M2005/14208 Pressure infusion, e.g. using pumps with a programmable infusion control system, characterised by the infusion program
    • A61M2205/00 General characteristics of the apparatus
    • A61M2205/35 Communication
    • A61M2205/3546 Range
    • A61M2205/3553 Range remote, e.g. between patient's home and doctor's office
    • A61M2205/50 General characteristics of the apparatus with microprocessors or computers
    • A61M2205/502 User interfaces, e.g. screens or keyboards
    • A61M2205/60 General characteristics of the apparatus with identification means
    • A61M2205/6009 General characteristics of the apparatus with identification means for matching patient with his treatment, e.g. to improve transfusion security
    • A61M2205/6063 Optical identification systems
    • A61M2205/6072 Bar codes
    • A61M2205/609 Biometric patient identification means

Definitions

  • the system grants setting of/on the one medical device or of/on the at least one first medical device, in particular an infusion pump.
  • an authentication apparatus in which a user enters his login data (login information) or user name and password, respectively.
  • the login data or the user name and password may also be entered directly at the medical device, if it is a single device, or directly at a first medical device, if it is a device complex.
  • a first medical device is provided, which is the so-called main device, i.e. the medical device with the help of which the authentication and authenticating is carried out or with which a first communication or a first input takes place.
  • the login data or the user name and password are forwarded/sent to the authentication server unit in order to perform authentication, i.e. to check whether the user name and password are correct and whether granting a permission clearance should be permitted. If authentication is successful, a permission clearance is granted to the user together with a corresponding user-specific use level, which is preferably stored in the authentication server unit.
  • a system for user authentication is provided for one medical device or a group of medical devices.
  • the initial authentication may be performed via an authentication apparatus/mobile application or (directly) on the one medical device or on the one first medical device.
  • the user level assigned to a user grants the user corresponding access to a user interface of the medical device or of the at least one first medical device, respectively.
  • An authentication apparatus/mobile application communicates with the authentication server unit/with an IT server.
  • the one medical device or the at least one first medical device is also connected to the authentication server unit and bidirectional communication is established. The user enters the user data into the authentication device.
  • the user data may be entered directly into the first medical device.
  • username and password or biometric data are used for user authentication. It is preferred if the authentication apparatus is provided and configured so that the data for user authentication can be entered therein. This user data/login data is sent to the authentication server unit either by the authentication apparatus or by the one/first medical device.
  • the authentication server unit is provided and configured to unlock at least one further medical device in communication contact with the at least one first medical device from the device complex, preferably with the user-specific use level.
  • the authentication server unit sends an authentication command to at least one further medical device or respectively to all medical devices in communication contact with the first medical device. That is, it is preferred if the further medical devices or the group of medical devices belongs to the first medical device.
  • a group is 1 to n medical devices, which are identifiable by the server and belong, for example, to the same bed location or to the same patient, or are arranged in an (infusion pump) rack.
  • the one medical device or the at least one first medical device or the authentication apparatus is provided and configured to enter the user data therein and send it to the authentication server unit.
  • the authentication server unit is provided and configured to check and validate the entered data. After successful authentication, the user is linked to his user profile, which contains/has use levels/the use level for the one medical device or the at least one first medical device.
  • the authentication server unit is provided and configured to send an authentication command to the at least one further medical device, wherein the authentication command comprises information, preferably at least a user name, a time stamp and the user-specific use level.
  • the authentication command comprises at least a user name, a user level/use level and a time stamp.
  • the one medical device or the at least one first medical device is provided and configured to display a code, preferably a QR code or barcode, which is provided and configured to output a device identification of the at least one first medical device by scanning via the authentication apparatus.
  • a communication connection between the authentication server unit and the one medical device or the at least one first medical device is configured bidirectionally.
  • the at least one further medical device (2) is provided and configured to store the information of the authentication command, preferably in a test protocol of the at least one further medical device.
  • the at least one further medical device is provided and configured to store this command in the test protocol of the at least one further medical device and to grant access to a user interface according to the received use level/user level.
  • the identification of the one medical device is already known to the authentication server unit.
  • the user enters the identification number of the medical device, for example by manually entering a number or by scanning a barcode containing the number. It is possible to use technologies such as RFID, Bluetooth or NFC for device identification.
  • the system is provided and configured to enable processing of the one medical device or of the at least one first and/or of the at least one further medical device without authentication in an emergency situation, preferably at a lowest use level.
  • the medical device has to allow access at the lowest use level without authentication.
  • an anonymous user name is stored in the test protocol, and only a mandatory subset of the device functions associated with the lowest use level is available to the user.
  • the authentication device is configured and provided to control at least parts of the functionality of the at least one medical device or of the group of medical devices, respectively.
  • the at least one medical device is provided to require re-authentication after a certain period of inactivity.
  • the present disclosure relates to a method for granting permission clearance to a medical device or to at least one first medical device of a device complex, in particular an infusion pump, in order to adjust settings on the one medical device or on the at least one first medical device of a device complex, comprising the following steps:
  • a user enters their user data into the authentication apparatus/mobile application or into a single (first) medical device.
  • the user data is sent from the authentication apparatus or from the single (first) medical device to the authentication server unit and grants the user access to the corresponding medical device.
  • the authenticated user is assigned a use rank/use level for the corresponding medical device. Subsequently, the device identification is then entered in the mobile application.
  • the input is preferably made by manual input or by scanning a barcode or via Bluetooth.
  • the authentication server unit sends an authentication command to all further medical devices in communication with the first medical device or belonging to the device group, respectively.
  • the authentication command contains the user name, the use level and the time stamp.
  • the medical devices store the received user name and the use level in their test protocol.
  • the medical devices allow the use according to the received user level.
  • FIG. 1 is a diagram illustrating a system exemplified by a group of medical devices or infusion pumps, respectively, in accordance with an embodiment of the present disclosure.
  • FIG. 2 is a flowchart of the method according to the present disclosure.
  • FIG. 1 is a diagram illustrating a system 1 according to an embodiment of the present disclosure.
  • FIG. 1 shows a first medical device 2, an authentication server unit 3, and an authentication apparatus 4. Furthermore, FIG. 1 shows further medical devices 2a which are in communication contact with the first medical device 2.
  • The first medical device 2 and the other medical devices 2a in communication contact with it are preferably arranged in a device complex/rack 5 or at least in one room and associated with one patient.
  • The first medical device 2 and/or the authentication apparatus 4 is/are provided and configured to communicate with the authentication server unit 3 for performing authentication of the first medical device 2.
  • Upon successful authentication of the first medical device 2, the authentication server unit 3 is provided and configured to unlock the first medical device 2 with a user-specific use level based on entered user data.
  • A first communication connection 6 is provided between the first medical device 2 and the authentication server unit 3. Additionally or alternatively, a first communication connection 6 is provided between the authentication apparatus 4 and the authentication server unit 3.
  • The authentication server unit 3 has a respective second communication connection 7 with the first medical device 2 and the further medical devices 2a.
  • The first communication connection 6 is configured and provided to send input data entered by a user to the authentication server unit 3.
  • The second communication connection 7 is configured and provided to send an authentication command to the first medical device 2 and the further medical devices 2a.
  • The communication connections 6 and 7, which connect the first medical device 2 and the authentication server unit 3, therefore form a bidirectional communication connection.
  • The authentication apparatus 4 is provided and configured to perform a device identification 8.
  • The device identification 8 is performed via a manual input or scanning of a barcode or via Bluetooth.
  • FIG. 2 is a flowchart of the method according to the present disclosure.
  • In a first step S1, user data, preferably user name and password or biometric data, is input into the authentication apparatus 4 or into at least a first medical device 2.
  • In a second step S2, the input is sent to an authentication server unit 3.
  • The input received is checked and validated by the authentication server unit 3.
  • A device identification 8 of the first medical device 2 is performed. This is done by entering the device identification 8 into the authentication apparatus 4, preferably by scanning a code that can be displayed on the first medical device 2.
  • In a subsequent step S4, the first medical device 2 is authenticated and, in a step S5, a user-specific use level is assigned to the first medical device 2.
  • In a step S6, the authentication server unit 3 sends an authentication command to at least one further medical device 2a.
  • In step S7, the received information of the authentication command is stored in a test protocol of each medical device 2 and 2a.
  • The information is at least a user name, the use level and a time stamp.
  • In a final step S8, the user uses the at least one medical device 2 and/or 2a according to the received use level to adjust a setting.
  • Using the at least one medical device 2 and/or 2a means setting existing and/or required parameters.
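
The flow of steps S1 to S8, as an added example that is not code from the patent or its applicant: a server validates the user data and sends the authentication command to every device of the group, and each device records it in its test protocol and enforces the use level, the emergency lowest level and re-authentication after inactivity. The HMAC tag, the `device_id` field, the freshness window, the numeric levels, the setting names and the sample user are assumptions; the disclosure itself only states that the command carries at least a user name, a time stamp and the use level.

```python
import hashlib
import hmac
import json
import os
from dataclasses import dataclass, field
from typing import Optional

LOWEST_LEVEL = 0             # assumed numeric encoding of the lowest use level
MAX_COMMAND_AGE_S = 30       # assumed freshness window for the time stamp
INACTIVITY_TIMEOUT_S = 300   # assumed inactivity period before re-authentication
# Assumed settings and the minimum use level allowed to change each of them.
REQUIRED_LEVEL = {"stop_infusion": 0, "set_rate": 1, "edit_drug_library": 2}
FIELDS = ("user_name", "use_level", "time_stamp", "device_id")


def command_tag(key: bytes, body: dict) -> str:
    """HMAC-SHA256 over a canonical JSON encoding of the command (assumption)."""
    msg = json.dumps(body, sort_keys=True, separators=(",", ":"), default=str).encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()


def hash_password(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


@dataclass
class Device:
    device_id: str
    key: bytes                                         # assumed per-device key
    test_protocol: list = field(default_factory=list)  # the device's log
    session: Optional[dict] = None

    def receive(self, command: dict, now: float) -> bool:
        """Steps S6/S7: verify the authentication command, log it, apply it."""
        body = {k: command.get(k) for k in FIELDS}
        tag = str(command.get("tag", "")).encode()
        ok = (
            hmac.compare_digest(command_tag(self.key, body).encode(), tag)
            and body["device_id"] == self.device_id
            and abs(now - body["time_stamp"]) <= MAX_COMMAND_AGE_S
        )
        self.test_protocol.append({**body, "accepted": ok, "received": now})
        if ok:
            self.session = {"user": body["user_name"], "level": body["use_level"], "last": now}
        return ok

    def adjust(self, setting: str, now: float) -> bool:
        """Step S8: allow a setting only at a sufficient, still-active use level."""
        if self.session and now - self.session["last"] > INACTIVITY_TIMEOUT_S:
            self.session = None                        # re-authentication required
        if self.session is None:
            # Emergency path: lowest use level, anonymous user name in the log.
            user, level = "anonymous", LOWEST_LEVEL
        else:
            user, level = self.session["user"], self.session["level"]
            self.session["last"] = now
        allowed = level >= REQUIRED_LEVEL.get(setting, float("inf"))
        self.test_protocol.append({"user_name": user, "use_level": level,
                                   "setting": setting, "allowed": allowed, "time_stamp": now})
        return allowed


class AuthServer:
    def __init__(self):
        self.users = {}    # user_name -> (salt, password hash, use level)
        self.groups = {}   # first device id -> all Devices of the device complex

    def add_user(self, user_name: str, password: str, use_level: int) -> None:
        salt = os.urandom(16)
        self.users[user_name] = (salt, hash_password(password, salt), use_level)

    def login(self, user_name: str, password: str, first_device_id: str, now: float) -> list:
        """Steps S1-S6: validate the user data, then command the whole group."""
        salt, stored, level = self.users.get(user_name, (b"\0" * 16, b"", None))
        valid = hmac.compare_digest(hash_password(password, salt), stored)
        if not valid or level is None:
            return []
        unlocked = []
        for dev in self.groups.get(first_device_id, []):
            body = {"user_name": user_name, "use_level": level,
                    "time_stamp": now, "device_id": dev.device_id}
            if dev.receive({**body, "tag": command_tag(dev.key, body)}, now):
                unlocked.append(dev.device_id)
        return unlocked


def build_demo():
    """Constructed sample data: one user and a two-pump device complex."""
    server = AuthServer()
    server.add_user("nurse.a", "correct horse", use_level=1)
    rack = [Device("pump-1", os.urandom(32)), Device("pump-2", os.urandom(32))]
    server.groups["pump-1"] = rack
    return server, rack


if __name__ == "__main__":
    server, rack = build_demo()
    print(server.login("nurse.a", "correct horse", "pump-1", now=1000.0))
    print(rack[1].adjust("set_rate", now=1010.0), rack[1].test_protocol)
```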

Abstract

A system and method for granting permission clearance to at least one first medical device of a device complex to adjust settings on the first medical device of a device complex. The system has an authentication server unit configured to perform authentication, the first medical device, and an authentication apparatus. The authentication apparatus and/or the first medical device is configured to perform authentication of at least one user. The first medical device and/or the authentication apparatus is configured to communicate with the authentication server unit to perform authentication of the first medical device. Upon successful authentication of the first medical device, the authentication server unit is configured to enable the first medical device with a user-specific use level based on user data.

Description

    CROSS-REFERENCE TO RELATED APPLICATION(S)
  • This application claims priority under 35 U.S.C. § 119 to German Application No. 10 2022 113 210.2, filed on May 25, 2022, the content of which is incorporated by reference herein in its entirety.
    FIELD
  • The present disclosure relates to a system and method for granting permission clearance to a medical device or to at least one first medical device of a device complex in order to adjust settings on the one medical device or on the at least one first medical device of a device complex.
    BACKGROUND
  • Authentication is the general term for checking the authenticity of a proof of identity. In the example of an operating system of a device, which can grant access to a secured area, for example a setting of the device, the user first claims his access permission by entering a previously set, anonymous user name. In addition, the user authenticates himself by entering a password or numeric code, which has also been previously set. The operating system then identifies the user based on this information and subsequently performs authentication, i.e., verification of the provided claim about authenticity. Only when this verification is successful is the user assigned the defined access authorizations, usually for the duration of a session, as part of the authorization process.
  • With known user authentication procedures for the use of any device, any person can theoretically access the device in question as long as they have the password/number code and user name. Against this background, however, in the case of a medical device, for example, the actual identity of the user would not be known and could therefore not be recorded for subsequent therapy documentation. With regard to the necessary access restrictions of current medical devices, however, a multi-digit, in particular four-digit numerical code in accordance with generally known user authentication procedures does not satisfy the current security requirements in medical technology. Any person in possession of the corresponding numerical code/password and, if applicable, the anonymous user name would be able to access the medical device, which must not be possible. Rather, it is of considerable importance that only very specific, designated persons can, for example, adjust settings on the respective medical device. For this purpose, such authentication is necessary in order to grant only a specific or selected user(s) permission to adjust various settings on the medical device.
  • EP 3 087 771 B1 discloses systems, devices, and methods that provide authentication for the operation/use of devices within analyte monitoring systems. The analyte monitoring systems may be in vivo systems and may include a sensor control device having a sensor and accompanying circuitry, and a reader device for communicating with the sensor control device. The analyte monitoring systems may be connected to a trusted computer system located at a remote site.
  • EP 3 859 573 A1 discloses a method for automatically unlocking and/or locking a computer-based medical product in a system. The system comprises the computer-based medical product and a mobile terminal device, wherein the mobile terminal device comprises a first wireless communication device for wireless transmission and reception of data, wherein mobile application software is executable via the mobile terminal device. The medical product comprises a device computer, a second wireless communication device for wireless transmission and reception of data, wherein a driver software is executable on the device computer, which can establish a wireless communication connection to the first communication device of the mobile terminal device via the second communication device of the medical product. In this regard, it is provided that the medical product is automatically switched from a locked state to an unlocked state when the first communication device of the mobile terminal device has established a wireless connection with the second communication device of the medical product and the signal strength of the signal of the first communication device of the mobile terminal device received by the second communication device of the medical product exceeds a predetermined first threshold value and/or the medical product is automatically switched from an unlocked state to a locked state, when the first communication device of the mobile terminal device has established a wireless connection with the second communication device of the medical product and the signal strength of the signal of the first communication device of the mobile terminal device received by the communication device of the medical product falls below a predetermined second threshold value and/or if the wireless connection is interrupted for longer than a predetermined first time interval.
  • Finally, US 2017 0 140 134 describes an exemplary medical device. The device includes a physiological measurement device, a device management engine, a user caching engine, and a login engine. The device management engine is configured to receive data acquired from the physiological measurement device. The user caching engine is configured to store cache records linked with users in a user cache. The login engine is configured to receive a user ID that is hardcoded to a particular user and to determine whether the user ID is associated with a cache record stored in the user cache. If it is determined that the user ID is linked with a cache record stored in the user cache, the login engine is configured to log the user in. If it is not determined that the user ID is linked with an unexpired cache record that is stored in the user cache, the login engine is configured to prompt the user for proof of authorization.
  • SUMMARY
  • The present disclosure is based on the object of providing a system that enables simple, fast and user-dependent, secure authentication. Furthermore, it is in particular a goal of the present disclosure to eliminate or at least improve disadvantages of the prior art.
  • Accordingly, the system for granting permission clearance to one medical device or to at least one first medical device of a device complex, in particular an infusion pump, in order to adjust settings on the one medical device or on the at least one first medical device of a device complex, has an authentication server unit provided and configured to perform authentication, the one medical device or the at least one first medical device, and an authentication apparatus, preferably in the form of a mobile terminal device. Here, the authentication apparatus and/or the one medical device or the at least one first medical device is provided and configured to perform authentication of at least one user, wherein the one medical device or the at least one first medical device and/or the authentication apparatus is provided and configured to communicate with the authentication server unit to perform authentication of the one medical device or the at least one first medical device. Upon successful authentication of the one medical device or of the at least one first medical device, the authentication server unit is provided and configured to enable the one medical device or the at least one first medical device with a user-specific use level based on user data.
  • In other words, the system grants setting of/on the one medical device or of/on the at least one first medical device, in particular an infusion pump. Here, an authentication apparatus is provided, in which a user enters his login data (login information) or user name and password, respectively. Alternatively or additionally, the login data or the user name and password may also be entered directly at the medical device, if it is a single device, or directly at a first medical device, if it is a device complex. In such a device complex, a first medical device is provided, which is the so-called main device, i.e. the medical device with the help of which the authentication and authenticating is carried out or with which a first communication or a first input takes place. After successful authentication, the login data or the user name and password are forwarded/sent to the authentication server unit in order to perform authentication, i.e. to check whether the user name and password are correct and whether granting a permission clearance should be permitted. If authentication is successful, a permission clearance is granted to the user together with a corresponding user-specific use level, which is preferably stored in the authentication server unit.
  • In other words, a system for user authentication is provided for one medical device or a group of medical devices. The initial authentication may be performed via an authentication apparatus/mobile application or (directly) on the one medical device or on the one first medical device. After successful authentication with the aid of the authentication server unit, the user level assigned to a user grants the user corresponding access to a user interface of the medical device or of the at least one first medical device, respectively. An authentication apparatus/mobile application communicates with the authentication server unit/with an IT server. The one medical device or the at least one first medical device is also connected to the authentication server unit and bidirectional communication is established. The user enters the user data into the authentication device.
  • Alternatively, it is also possible for the user data to be entered directly into the first medical device.
  • In both cases, it is advantageous if username and password or biometric data are used for user authentication. It is preferred if the authentication apparatus is provided and configured so that the data for user authentication can be entered therein. This user data/login data is sent to the authentication server unit either by the authentication apparatus or by the one/first medical device.
  • It is preferred if the authentication server unit is provided and configured to unlock at least one further medical device in communication contact with the at least one first medical device from the device complex, preferably with the user-specific use level.
  • In other words, the authentication server unit sends an authentication command to at least one further medical device or respectively to all medical devices in communication contact with the first medical device. That is, it is preferred if the further medical devices or the group of medical devices belongs to the first medical device. Here, a group is 1 to n medical devices, which are identifiable by the server and belong, for example, to the same bed location or to the same patient, or are arranged in an (infusion pump) rack.
  • It is advantageous if the one medical device or the at least one first medical device or the authentication apparatus is provided and configured to enter the user data therein and send it to the authentication server unit.
  • It is preferred if the authentication server unit is provided and configured to check and validate the entered data. After successful authentication, the user is linked to his user profile, which contains/has use levels/the use level for the one medical device or the at least one first medical device.
  • It is advantageous if the authentication server unit is provided and configured to send an authentication command to the at least one further medical device, wherein the authentication command comprises information, preferably at least a user name, a time stamp and the user-specific use level. In other words, the authentication command comprises at least a user name, a user level/use level and a time stamp.
  • It is preferred if the one medical device or the at least one first medical device is provided and configured to display a code, preferably a QR code or barcode, which is provided and configured to output a device identification of the at least one first medical device by scanning via the authentication apparatus.
  • It is advantageous if a communication connection between the authentication server unit and the one medical device or the at least one first medical device is configured bidirectionally.
  • It is advantageous if the at least one further medical device (2) is provided and configured to store the information of the authentication command, preferably in a test protocol of the at least one further medical device. In other words, after receiving the command/authentication command, the at least one further medical device is provided and configured to store this command in the test protocol of the at least one further medical device and to grant access to a user interface according to the received use level/user level.
  • In other words, it is advantageous that if the user has already logged in to a single or first device, the identification of the one medical device is already known to the authentication server unit. In the case of the mobile application/authentication apparatus, the user enters the identification number of the medical device, for example by manually entering a number or by scanning a barcode containing the number. It is possible to use technologies such as RFID, Bluetooth or NFC for device identification.
  • It is preferred if the system is provided and configured to enable processing of the one medical device or of the at least one first and/or of the at least one further medical device without authentication in an emergency situation, preferably at a lowest use level.
  • In other words, in emergency situations, the medical device has to allow access at the lowest use level without authentication. In this case, an anonymous user name is stored in the test protocol, and only a mandatory subset of the device functions associated with the lowest use level is available to the user.
  • It is advantageous if the authentication device is configured and provided to control at least parts of the functionality of the at least one medical device or of the group of medical devices, respectively.
  • It is advantageous if the at least one medical device is provided to require re-authentication after a certain period of inactivity.
  • Furthermore, the present disclosure relates to a method for granting permission clearance to a medical device or to at least one first medical device of a device complex, in particular an infusion pump, in order to adjust settings on the one medical device or on the at least one first medical device of a device complex, comprising the following steps:
      • entering user data, preferably user name and password or biometric data, into an authentication apparatus and/or the one medical device or into the at least one first medical device;
      • sending the input to an authentication server unit;
      • entering a device identification of the one medical device or of the at least first medical device into the authentication apparatus, preferably by scanning a code displayable on the one medical device or on the at least first medical device;
      • performing the authentication on the one medical device or on the at least one first medical device; and
      • granting the permission clearance and assigning a user-specific use level.
  • It is preferred if the method comprises the following steps:
      • sending an authentication command to at least one further medical device;
      • storing the received information of the authentication command in the further medical device; and
      • using the at least one further medical device according to the received use level.
  • In other words, a user enters their user data into the authentication apparatus/mobile application or into a single (first) medical device. The user data is sent from the authentication apparatus or from the single (first) medical device to the authentication server unit and grants the user access to the corresponding medical device.
  • The authenticated user is assigned a use rank/use level for the corresponding medical device. Subsequently, the device identification is entered in the mobile application. The input is preferably made by manual input or by scanning a barcode or via Bluetooth.
  • The authentication server unit sends an authentication command to all further medical devices in communication with the first medical device or belonging to the device group, respectively. The authentication command contains the user name, the use level and the time stamp.
  • The medical devices store the received user name and the use level in their test protocol. The medical devices allow the use according to the received user level.
  • After a certain period of inactivity, the use of the device is blocked again, and this information is stored in the test protocol.
  • BRIEF DESCRIPTION OF THE DRAWINGS
  • FIG. 1 is a diagram illustrating a system exemplified by a group of medical devices or infusion pumps, respectively, in accordance with an embodiment of the present disclosure; and
  • FIG. 2 is a flowchart of the method according to the present disclosure.
  • DETAILED DESCRIPTION
  • Configuration examples of the present disclosure are described below based on the accompanying figures.
  • FIG. 1 is a diagram illustrating a system 1 according to an embodiment of the present disclosure. FIG. 1 shows a first medical device 2, an authentication server unit 3, and an authentication apparatus 4. Furthermore, FIG. 1 shows further medical devices 2 a which are in communication contact with the first medical device 2.
  • The first medical device 2 and the other medical devices 2 a in communication contact with it are preferably arranged in a device complex/rack 5 or at least in one room and associated with one patient.
  • The first medical device 2 and/or the authentication apparatus 4 is/are provided and configured to communicate with the authentication server unit 3 for performing authentication of the first medical device 2.
  • Upon successful authentication of the first medical device 2, the authentication server unit 3 is provided and configured to unlock the first medical device 2 with a user-specific use level based on entered user data.
  • A first communication connection 6 is provided between the first medical device 2 and the authentication server unit 3. Additionally or alternatively, a first communication connection 6 is provided between the authentication apparatus 4 and the authentication server unit 3. The authentication server unit 3 has a respective second communication connection 7 with the first medical device 2 and the further medical devices 2 a.
  • The first communication connection 6 is configured and provided to send input data entered by a user to the authentication server unit 3. The second communication connection 7 is configured and provided to send an authentication command to the first medical device 2 and the further medical devices 2 a. The communication connections 6 and 7, which connect the first medical device 2 and the authentication server unit 3, are therefore a bidirectional communication connection.
  • As shown in FIG. 1 , the authentication apparatus 4 is provided and configured to perform a device identification 8. The device identification 8 is performed via a manual input or scanning of a barcode or via Bluetooth.
  • FIG. 2 is a flowchart of the method according to the present disclosure.
  • In a first step S1, user data, preferably user name and password or biometric data, is input into the authentication apparatus 4 or into at least a first medical device 2.
  • In a second step S2, the input is sent to an authentication server unit 3. The input received is checked and validated by the authentication server unit 3.
  • In a third step S3, a device identification 8 of the first medical device 2 is performed. This is done by entering the device identification 8 into the authentication apparatus 4, preferably by scanning a code that can be displayed on the first medical device 2.
  • In a subsequent step S4, the first medical device 2 is authenticated and in a step S5, a user-specific use level is assigned to the first medical device 2.
  • In a step S6, the authentication server unit 3 sends an authentication command to at least one further medical device 2 a.
  • In step S7, the received information of the authentication command is stored in a test protocol of each medical device 2 and 2 a. The information is at least a user name, the use level and a time stamp.
  • In a final step S8, the user uses the at least one medical device 2 and/or 2 a according to the received use level to adjust a setting. Using the at least one medical device 2 and/or 2 a means setting existing and/or required parameters.
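The device-side handling of steps S6 to S8, together with the emergency access and the inactivity lock from the summary, as an added example that is not code from the application. The HMAC-SHA256 tag, the per-device key, the integer level numbering, the 30 s and 300 s limits and all names are assumptions; the application specifies only the command fields (user name, time stamp, use level) and the test protocol.

```python
import hashlib
import hmac
import json

LOWEST_LEVEL = 0          # assumption: use levels are integers, 0 is the lowest
MAX_COMMAND_AGE_S = 30    # assumption: accepted age of the command time stamp
INACTIVITY_LIMIT_S = 300  # assumption: the "certain period of inactivity"


def issue_auth_command(key, device_id, user_name, use_level, now):
    """Server side (S6): command with user name, time stamp and use level."""
    payload = json.dumps({"device_id": device_id, "user_name": user_name,
                          "use_level": use_level, "timestamp": now},
                         sort_keys=True).encode()
    # Assumption: HMAC-SHA256 under a per-device key; the page names no scheme.
    return {"payload": payload,
            "tag": hmac.new(key, payload, hashlib.sha256).hexdigest()}


class Device:
    def __init__(self, device_id, key):
        self.device_id, self.key = device_id, key
        self.test_protocol = []   # audit log the page calls the test protocol
        self.session = None       # None means locked
        self.last_command_ts = float("-inf")

    def _log(self, event, now, user_name=None, use_level=None):
        self.test_protocol.append({"event": event, "timestamp": now,
                                   "user_name": user_name, "use_level": use_level})

    def _open(self, event, user_name, use_level, now):
        self.session = {"user_name": user_name, "use_level": use_level,
                        "last_activity": now}
        self._log(event, now, user_name, use_level)

    def receive_auth_command(self, command, now):
        """S7: verify origin and freshness, then store and apply the command."""
        expected = hmac.new(self.key, command["payload"], hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, command["tag"]):
            self._log("rejected_bad_tag", now)
            return False
        body = json.loads(command["payload"])  # parsed only after the tag check
        stale = abs(now - body["timestamp"]) > MAX_COMMAND_AGE_S
        replayed = body["timestamp"] <= self.last_command_ts
        if body["device_id"] != self.device_id or stale or replayed:
            self._log("rejected_command", now, body["user_name"])
            return False
        self.last_command_ts = body["timestamp"]
        self._open("unlocked", body["user_name"], body["use_level"], now)
        return True

    def emergency_unlock(self, now):
        """Emergency path: no authentication, anonymous user, lowest level."""
        self._open("emergency_unlock", "anonymous", LOWEST_LEVEL, now)

    def adjust_setting(self, setting, required_level, now):
        """S8: allow a setting change only within the session's use level."""
        if self.session is None:
            self._log("denied_locked", now)
            return False
        user, level = self.session["user_name"], self.session["use_level"]
        if now - self.session["last_activity"] > INACTIVITY_LIMIT_S:
            self.session = None   # block the device again and record it
            self._log("locked_inactivity", now, user, level)
            return False
        if level < required_level:
            self._log("denied_level:" + setting, now, user, level)
            return False
        self.session["last_activity"] = now
        self._log("adjusted:" + setting, now, user, level)
        return True


if __name__ == "__main__":
    key = b"constructed-demo-key-pump-2a"   # constructed sample key
    pump = Device("pump-2a", key)
    cmd = issue_auth_command(key, "pump-2a", "nurse.a", 2, 1000.0)
    print(pump.receive_auth_command(cmd, 1001.0), pump.receive_auth_command(cmd, 1002.0))
    print(pump.adjust_setting("rate", 2, 1010.0), pump.test_protocol[-1])
```

Every rejected command and denied setting change is written to the same log as the successful ones, so the test protocol also records failed attempts.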

Claims (20)

1.-10. (canceled)
11. A system for granting permission clearance to at least one first medical device of a device complex to adjust settings on the at least one first medical device, the system comprising:
an authentication server unit for performing authentication;
the at least one first medical device; and
an authentication apparatus,
the authentication apparatus and/or the at least one first medical device being configured to perform authentication of at least one user,
the authentication apparatus and/or the at least one first medical device being further configured to communicate with the authentication server unit to perform authentication of the at least one first medical device,
the authentication server unit being configured to enable the at least one first medical device with a user-specific use level based on user data upon successful authentication of the at least one first medical device.
12. The system according to claim 11, wherein the at least one first medical device is an infusion pump.
13. The system according to claim 11, wherein the authentication server unit is provided and configured to unlock at least one second medical device in communication contact with the at least one first medical device from the device complex.
14. The system according to claim 13, wherein the authentication server is provided and configured to unlock the at least one second medical device with the user-specific use level.
15. The system according to claim 13, wherein the authentication server unit is provided and configured to send an authentication command to the at least one second medical device, wherein the authentication command comprises information.
16. The system according to claim 15, wherein the information comprises at least a user name, a time stamp and the user-specific use level.
17. The system according to claim 15, wherein the at least one second medical device is provided and configured to store the information.
18. The system according to claim 17, wherein the information is stored in a test protocol of the at least one second medical device.
19. The system according to claim 13, wherein the system is provided and configured to enable processing of the at least one first medical device and/or of the at least one second medical device without authentication in an emergency situation.
20. The system according to claim 19, wherein the processing is enabled at a lowest use level.
21. The system according to claim 11, wherein the at least one first medical device or the authentication apparatus is provided and configured to enter user data and send user data to the authentication server unit.
22. The system according to claim 11, wherein the at least one first medical device is provided and configured to display a code, which is provided and configured to output a device identification of the at least one first medical device by scanning via the authentication apparatus.
23. The system according to claim 22, wherein the code is a QR code or a barcode.
24. The system according to claim 11, wherein a communication connection between the authentication server unit and the at least one first medical device is configured bidirectionally.
25. A method for granting a permission clearance to at least one first medical device of a device complex in order to adjust settings on the at least one first medical device of a device complex, the method comprising the steps of:
entering user data into an authentication apparatus and/or the at least one first medical device;
sending the user data to an authentication server unit;
entering a device identification of the at least one first medical device into the authentication apparatus;
performing an authentication on the at least one first medical device; and
granting the permission clearance and assigning a user-specific use level.
26. The method according to claim 25, wherein the at least one first medical device is an infusion pump.
27. The method according to claim 25, wherein the user data is a user name and password or biometric data.
28. The method according to claim 25, wherein the device identification is entered by scanning a code displayable on the at least one first medical device.
29. The method according to claim 25, further comprising the steps of:
sending an authentication command to at least one second medical device;
storing received information of the authentication command in the at least one second medical device; and
using the at least one second medical device according to a received use level.
US18/323,067 2022-05-25 2023-05-24 User authentication for setting at least one infusion pump Pending US20230381404A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
DE102022113210.2 2022-05-25
DE102022113210.2A DE102022113210A1 (en) 2022-05-25 2022-05-25 Authentication of people to set at least one infusion pump

Publications (1)

Publication Number Publication Date
US20230381404A1 (en) 2023-11-30

Family

ID=86604006

Family Applications (1)

Application Number Title Priority Date Filing Date
US18/323,067 Pending US20230381404A1 (en) 2022-05-25 2023-05-24 User authentication for setting at least one infusion pump

Country Status (4)

Country Link
US (1) US20230381404A1 (en)
EP (1) EP4283625A1 (en)
CN (1) CN117131482A (en)
DE (1) DE102022113210A1 (en)

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9996681B2 (en) * 2012-05-18 2018-06-12 Carefusion 303, Inc. Mobile device access for medical devices
WO2015100109A1 (en) 2013-12-27 2015-07-02 Abbott Diabetes Care Inc. Systems, devices, and methods for authentication in an analyte monitoring environment
US20170140134A1 (en) 2015-11-16 2017-05-18 Welch Allyn, Inc. Medical device user caching
DE102016111971A1 (en) * 2016-06-30 2018-01-04 Fresenius Medical Care Deutschland Gmbh Dedicated remote control of several dialysis machines
EP3859573A1 (en) 2020-01-30 2021-08-04 Siemens Healthcare Diagnostics Products GmbH Method for automatically unlocking or locking a computer-assisted medical device

Also Published As

Publication number Publication date
CN117131482A (en) 2023-11-28
EP4283625A1 (en) 2023-11-29
DE102022113210A1 (en) 2023-11-30

Legal Events

Date Code Title Description
AS Assignment

Owner name: B. BRAUN MELSUNGEN AG, GERMANY

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:SCHMOLL, HORST;REEL/FRAME:064167/0972

Effective date: 20230612

STPP Information on status: patent application and granting procedure in general

Free format text: DOCKETED NEW CASE - READY FOR EXAMINATION